Got Siemens SCADA? Get patching: the company has issued updates for software using its WinCC application to plug a bunch of remotely-exploitable vulnerabilities.
According to the ICS-CERT advisory, versions of the company's SIMATIC WinCC, SIMATIC PCS7 and TIA Portal V13 (which includes a WinCC runtime) are all vulnerable.
There are two specific problems:
- In CVE-2014-8551, score 10, a WinCC component is vulnerable to crafted packets sent to the server, allowing unauthenticated remote code execution; and
- In CVE-2014-8552, score 7.8, crafted packets sent to the WinCC server could allow a remote attacker to pull files from the server.
Both vulnerabilities can be exploited with “low skill”, the advisory states, with ICS-CERT adding: “Indicators exist that this vulnerability may have been exploited during a recent campaign.”
Siemens has issued updates for all products, with detailed instructions in this PDF.